Mercurial > vim
changeset 13117:cfaa513efa3f v8.0.1433
patch 8.0.1433: illegal memory access after undo
commit https://github.com/vim/vim/commit/95dbcbea6d85a5b79d9617ab3863458fdf0217a0
Author: Bram Moolenaar <Bram@vim.org>
Date: Sat Jan 27 21:01:34 2018 +0100
patch 8.0.1433: illegal memory access after undo
Problem: Illegal memory access after undo. (Dominique Pelle)
Solution: Avoid the column becomes negative. (Christian Brabandt,
closes #2533)
| author | Christian Brabandt <cb@256bit.org> |
|---|---|
| date | Sat, 27 Jan 2018 21:15:05 +0100 |
| parents | 4e4cb0764f0a |
| children | d2720676b789 |
| files | src/mbyte.c src/testdir/test_undo.vim src/version.c |
| diffstat | 3 files changed, 16 insertions(+), 1 deletions(-) [+] |
line wrap: on
line diff
--- a/src/mbyte.c +++ b/src/mbyte.c @@ -1784,6 +1784,7 @@ dbcs_ptr2char(char_u *p) * Convert a UTF-8 byte sequence to a wide character. * If the sequence is illegal or truncated by a NUL the first byte is * returned. + * For an overlong sequence this may return zero. * Does not include composing characters, of course. */ int @@ -4112,7 +4113,10 @@ mb_adjustpos(buf_T *buf, pos_T *lp) ) { p = ml_get_buf(buf, lp->lnum, FALSE); - lp->col -= (*mb_head_off)(p, p + lp->col); + if (*p == NUL || (int)STRLEN(p) < lp->col) + lp->col = 0; + else + lp->col -= (*mb_head_off)(p, p + lp->col); #ifdef FEAT_VIRTUALEDIT /* Reset "coladd" when the cursor would be on the right half of a * double-wide character. */